Introduce UFPB labcheck initial deployment setup #327

Workflow file for this run

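name: Deploy to AWS EKS

on:
  push:
    branches:
      - master
      - stage
      - ufpb-labcheck
  # For future
  # release:
  #   types: [created]

# Least privilege for the automatic GITHUB_TOKEN: the visible steps only read
# the repository (AWS access uses separate keys).
permissions:
  contents: read

# GitHub rejected the previous revision of this block ("Invalid workflow file"):
#   - "Unexpected symbol: '+'": the expression language has no string
#     concatenation operator, so names are now built with format().
#   - "Unrecognized named-value: 'env'": the env context cannot be read from
#     inside this workflow-level env block, so every lookup below derives the
#     branch prefix directly from github.ref_name.
#
# The branch is matched exactly through a fromJSON() lookup table instead of
# contains(github.ref, ...), which is a substring test and would also match
# names such as "master-hotfix" if the trigger list ever grows. A branch that
# is missing from the table yields an empty prefix, so the per-environment
# secret lookups resolve to nothing rather than to another environment's
# values.
#
# NOTE(review): everything defined here is exported to every step of every
# job, including the third-party actions. Secrets that only one step needs
# (AWS keys, KUBE_CONFIG, MONGODB_URI, API tokens) are better declared in that
# step's own env. KUBE_CONFIG is not referenced by any step in this file;
# confirm whether it is still needed.
env:
  # Map branches to their corresponding environment prefixes
  PREFIX: >-
    ${{ fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name] }}
  ENVIRONMENT: >-
    ${{ fromJSON('{"master":"production","stage":"stage","ufpb-labcheck":"labcheck"}')[github.ref_name] }}
  # API_URL is the one secret whose name carries the prefix as a suffix.
  API_URL: >-
    ${{ secrets[format('API_URL_{0}',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  # NOTE(review): long-lived AWS access keys; short-lived credentials through
  # OIDC (role-to-assume on aws-actions/configure-aws-credentials) would remove
  # the stored key pair.
  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
  AWS_DEFAULT_REGION: us-east-1
  AWS_SDK_BUCKET: >-
    ${{ secrets[format('{0}_AWS_SDK_BUCKET',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
  ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
  GITHUB_SHA: ${{ github.sha }}
  KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
  NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }}
  # The same image repository is used for every environment.
  IMAGE: aletheiafact-production
  ENV: >-
    ${{ fromJSON('{"master":"production","stage":"stage","ufpb-labcheck":"labcheck"}')[github.ref_name] }}
  UMAMI_SITE_ID: >-
    ${{ secrets[format('{0}_UMAMI_SITE_ID',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  MONGODB_URI: >-
    ${{ secrets[format('{0}_MONGODB_URI',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  MONGODB_NAME: >-
    ${{ secrets[format('{0}_MONGODB_NAME',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  ORY_SDK_URL: >-
    ${{ secrets[format('{0}_ORY_SDK_URL',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  ORY_ACCESS_TOKEN: >-
    ${{ secrets[format('{0}_ORY_ACCESS_TOKEN',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  ALETHEIA_SCHEMA_ID: >-
    ${{ secrets[format('{0}_ALETHEIA_SCHEMA_ID',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  RECAPTCHA_SITEKEY: ${{ secrets.RECAPTCHA_SITEKEY }}
  NOVU_API_KEY: >-
    ${{ secrets[format('{0}_NOVU_API_KEY',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  NOVU_APPLICATION_IDENTIFIER: >-
    ${{ secrets[format('{0}_NOVU_APPLICATION_IDENTIFIER',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  NEW_RELIC_APP_NAME: >-
    ${{ secrets[format('{0}_NEW_RELIC_APP_NAME',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  GITLAB_FEATURE_FLAG_URL: ${{ secrets.GITLAB_FEATURE_FLAG_URL }}
  GITLAB_FEATURE_FLAG_INSTANCE_ID: ${{ secrets.GITLAB_FEATURE_FLAG_INSTANCE_ID }}
  # Needed env variables for first build on next
  NEXT_PUBLIC_UMAMI_SITE_ID: >-
    ${{ secrets[format('{0}_UMAMI_SITE_ID',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  NEXT_PUBLIC_RECAPTCHA_SITEKEY: ${{ secrets.RECAPTCHA_SITEKEY }}
  AGENTS_API_URL: >-
    ${{ secrets[format('{0}_AGENTS_API_URL',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  OPENAI_API_KEY: >-
    ${{ secrets[format('{0}_OPENAI_API_KEY',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  ZENVIA_API_URL: >-
    ${{ secrets[format('{0}_ZENVIA_API_URL',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  # Previously read the *_ZENVIA_API_URL secret, so the token variable carried
  # the URL. Assumes the secret follows the naming pattern used above
  # (<PREFIX>_ZENVIA_API_TOKEN); confirm it exists for each environment.
  ZENVIA_API_TOKEN: >-
    ${{ secrets[format('{0}_ZENVIA_API_TOKEN',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  AGENCIA_ACCESS_TOKEN: >-
    ${{ secrets[format('{0}_AGENCIA_ACCESS_TOKEN',
    fromJSON('{"master":"PRODUCTION","stage":"STAGE","ufpb-labcheck":"UFPB_LABCHECK"}')[github.ref_name])] }}
  RECAPTCHA_SECRET: ${{ secrets.RECAPTCHA_SECRETKEY }}
  TAG: ${{ github.sha }}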
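# NOTE(review): every action below is referenced by a mutable tag. The
# third-party ones (pkl-community/setup-pkl and the EKS kubectl action) run
# with AWS credentials in reach, so pin each `uses:` to a full commit SHA
# (owner/repo@<FULL_COMMIT_SHA>) and review updates before bumping.
jobs:
  # Builds the application image for the branch's environment and pushes it to
  # Amazon ECR.
  setup-build-publish:
    name: Build & Publish
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1

      - name: Install pkl
        uses: pkl-community/setup-pkl@v0
        with:
          pkl-version: '0.25.2'

      # Setting up config.yaml based on environment
      - name: Set config.yaml
        run: |
          pkl eval -f yaml "./deployment/config/config-file/$ENVIRONMENT.pkl" > "config.$ENVIRONMENT.yaml"

      # Substitutes the MONGODB_URI / MONGODB_NAME placeholders in place.
      # The values are escaped first: a connection string commonly contains
      # '%' (URL-encoded password) or '&' (query options), which sed would
      # otherwise treat as the delimiter or as "the matched text".
      # NOTE(review): the file is edited inside the Docker build context; if
      # the Dockerfile copies it, the connection string ends up in an image
      # layer. Confirm that is intended.
      - name: Set migrate-mongo-config.ts
        run: |
          escape_sed_replacement() {
            printf '%s' "$1" | sed -e 's/[\\&%]/\\&/g'
          }
          sed -i "s%MONGODB_URI%$(escape_sed_replacement "$MONGODB_URI")%g" migrate-mongo-config-example.ts
          sed -i "s%MONGODB_NAME%$(escape_sed_replacement "$MONGODB_NAME")%g" migrate-mongo-config-example.ts

      # Build the Docker image
      # The reCAPTCHA site key is handed to the script through the step's env
      # instead of being expanded into the script text, so its value is never
      # parsed as shell. It still comes from secrets.NEXT_PUBLIC_RECAPTCHA_SITEKEY
      # as before; the workflow-level variable of the same name reads
      # secrets.RECAPTCHA_SITEKEY (confirm which of the two is intended).
      # Build args are recorded in the image history, so only public values
      # belong here.
      - name: Build
        env:
          NEXT_PUBLIC_RECAPTCHA_SITEKEY: ${{ secrets.NEXT_PUBLIC_RECAPTCHA_SITEKEY }}
        run: |
          docker build --build-arg ENVIRONMENT="$ENVIRONMENT" \
            --build-arg NEXT_PUBLIC_UMAMI_SITE_ID="$NEXT_PUBLIC_UMAMI_SITE_ID" \
            --build-arg NEXT_PUBLIC_ENVIRONMENT="$ENVIRONMENT" \
            --build-arg NEXT_PUBLIC_ORY_SDK_URL="$ORY_SDK_URL" \
            --build-arg NEXT_PUBLIC_RECAPTCHA_SITEKEY="$NEXT_PUBLIC_RECAPTCHA_SITEKEY" \
            -t "$ECR_REGISTRY/$IMAGE:$GITHUB_SHA" .
          docker tag "$ECR_REGISTRY/$IMAGE:$GITHUB_SHA" "$ECR_REGISTRY/$IMAGE:latest"

      # Push the Docker image to Amazon ECR
      # Only production builds move the shared "latest" tag.
      - name: Publish
        run: |
          docker push "$ECR_REGISTRY/$IMAGE:$GITHUB_SHA"
          if [[ "$ENVIRONMENT" == "production" ]]; then docker push "$ECR_REGISTRY/$IMAGE:latest"; fi

  # Renders the Kubernetes manifests for the environment, applies them, waits
  # for the rollout, and undoes the rollout if applying or validating failed.
  # NOTE(review): cluster-name is "production" for every branch, so stage and
  # labcheck appear to be separated from production only by namespace; confirm
  # that the credentials used here are limited accordingly.
  # NOTE(review): the `uses:` value of the three kubectl steps was mangled by
  # the hosting page's e-mail obfuscation ("[email protected]"); restore the
  # real owner/repo@ref from the repository before using this file.
  deploy:
    name: Deploy
    needs: setup-build-publish
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Install pkl
        uses: pkl-community/setup-pkl@v0
        with:
          pkl-version: '0.25.2'

      - name: Set deployment/app.yml
        run: |
          pkl eval -f yaml "./deployment/k8s/$ENVIRONMENT.pkl" > deployment/app.yml

      - name: Applying Kubernetes Deployment
        id: apply
        uses: giovannirossini/[email protected]
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: "us-east-1"
          cluster-name: "production"
          command: kubectl apply -f ./deployment/

      - name: Validation
        id: validate
        if: success()
        uses: giovannirossini/[email protected]
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: "us-east-1"
          cluster-name: "production"
          command: kubectl rollout status deployments/aletheia -n ${{ env.ENVIRONMENT }} --timeout=360s

      # A bare failure() also fires when checkout or the pkl steps fail, i.e.
      # before anything was applied, and would then undo a healthy rollout.
      # Roll back only when the apply or the validation step itself failed.
      - name: Rollback
        if: failure() && (steps.apply.outcome == 'failure' || steps.validate.outcome == 'failure')
        uses: giovannirossini/[email protected]
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: "us-east-1"
          cluster-name: "production"
          command: kubectl rollout undo deployments/aletheia -n ${{ env.ENVIRONMENT }}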